let5see/clawdbot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: enforce device-bound connect challenge

Browse Source
This commit is contained in:
Peter Steinberger
2026-01-20 11:15:10 +00:00
parent 121ae6036b
commit dfbf6ac263
21 changed files with 953 additions and 129 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
src/gateway/device-auth.ts
View File

@@ -6,13 +6,16 @@ export type DeviceAuthPayloadParams = {
scopes: string[];
signedAtMs: number;
token?: string | null;
nonce?: string | null;
version?: "v1" | "v2";
};
export function buildDeviceAuthPayload(params: DeviceAuthPayloadParams): string {
const version = params.version ?? (params.nonce ? "v2" : "v1");
const scopes = params.scopes.join(",");
const token = params.token ?? "";
return [
"v1",
const base = [
version,
params.deviceId,
params.clientId,
params.clientMode,
@@ -20,5 +23,9 @@ export function buildDeviceAuthPayload(params: DeviceAuthPayloadParams): string
scopes,
String(params.signedAtMs),
token,
].join("|");
];
if (version === "v2") {
base.push(params.nonce ?? "");
}
return base.join("|");
}